Windows 10 Mail App Sends Mails Without My Permission

Page 2 of 3 FirstFirst 123 LastLast
  1. Be4stElectrjc's Avatar
    Posts : 155
    Windows 10
    Thread Starter

    No, i send them, but probably not from my pc, a lot of contacts of mine say stopping sending these mails.
      My Computer

  2. Posts : 149
    Windows 10 Pro x64

    OK - but is it actually your mail account or a spoofed address?

    First point of call is changing the password on the email account.

    Second is to check the headers on of those emails that your contacts receive
      My Computer

  3. Be4stElectrjc's Avatar
    Posts : 155
    Windows 10
    Thread Starter

    First point: My Mail Service Provider is changing my password, i can't do by myself because the Mail Service Provider it's not my actual ISP.

    Second point: The last list of spamming messages was sent at 7:24 of sunday and my pc was turned off at that hour.
      My Computer

  4. lx07's Avatar
    Posts : 5,479

    You could post or check the email header. You can't get it from the mail app - you need to get it from web interface or through another client.

    Depending on your email address it is like this for gmail or yahoo or for like this. Other email hosts you may have to ask.

    You should get something like this at the top of the header showing the sender (an email from MS in this case). You should be able to tell who is sending a mail in your name. If you look up the sender IP address ( here) you get Microsoft which is correct. If it has your name as sender and a different IP then your emails are being spoofed.

    Remember to remove your e-mail address in the places shown in red if you post it.

    Authentication-Results:; spf=pass {sender IP is; identity alignment result is pass and alignment mode is relaxed} smtp.mailfrom=[email protected]; dkim=none {identity alignment result is pass and alignment mode is relaxed}; x-hmca=pass[email protected]
    X-SID-PRA: [email protected]
    X-AUTH-Result: PASS
    X-SID-Result: PASS
    X-Message-Status: n:n
    X-Message-Delivery: Vj0xLjE7dXM9GTtsRTE7YT0xO0Q9KTtHRD0xO1NDTD0w
    X-Message-Info: GnpImppio6N7xti6Y+ibLdShw72IUS7Pu/ea39tFL30MKLcaDsscmX6uG5/mGHnasilKc0F7gUmCAZkrLFffY7OToiAprSiug6cM3wxNdMj4pkc1A/XUlhRDyWqtR0qDVu6FoFKv/v3/zUg3BZpqSMoMz+oSkt+oaTdPVDFsDKQ8OBmlyKveZeX+AfzyvSIN0f7D/eJ3PLMtCghg77TWn6Bzt+kvI2F7897mofH1r7I74cOhSxqqeoMw==
    Received: from {[]} by REMOVED
    		Wed, 28 Oct 2015 18:05:35 -0700
    DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=402420960130;;
    DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=200608;;
    Received: by REMOVED
    From: "Microsoft" <[email protected]>
    Subject: =?UTF-8?B?VGVjaE5ldCBGbGFzaCAtIEFkYW0sIGhlYXIgTWFyayBSdXNzaW5v?=
    Date: Wed, 28 Oct 2015 19:05:32 -0600
    MIME-Version: 1.0
    Reply-To: "Microsoft" <[email protected]>
    x-job: 98449_3841518
    Message-ID: <6a68cac8-f36f-49&[email protected]>
    Content-Type: multipart/alternative;
    Return-Path: [email protected]
    X-OriginalArrivalTime: 29 Oct 2015 01:05:35.0944 {UTC} FILETIME=[EB11B670:01E899E5]
    This is a multi-part message in MIME format.
    Content-Type: text/plain;
      My Computer

  5. Be4stElectrjc's Avatar
    Posts : 155
    Windows 10
    Thread Starter

    I don't have them anymore, was afraid of infection. From my Mail Service Provider Webmail Access i can see header. I need to wait another attack to have a mail in my hands to look in.
    Last edited by Be4stElectrjc; 09 Nov 2015 at 09:36.
      My Computer

  6. Be4stElectrjc's Avatar
    Posts : 155
    Windows 10
    Thread Starter

    Check it for me guys. If you need to remove something, feel free to do it.

    Return-Path: REMOVED
    Delivered-To: REMOVED
    Received: (qmail 9529 invoked by uid 89); 8 Nov 2015 06:24:09 -0000
    Received: from unknown (HELO (
    by with SMTP; 8 Nov 2015 06:24:09 -0000
    Received: from ([])
    by with bizsmtp
    id euQ91r03h0Tq7sw01uQ9fV; Sun, 08 Nov 2015 07:24:10 +0100
    Received: from WIN-NPPN1JPV75J (unknown [])
    by (Postfix) with ESMTPA id DC9CA80F67;
    Sun, 8 Nov 2015 07:24:08 +0100 (CET)
    DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=dkim;
    t=1446963850; bh=5oN2SRwNoEcpkO6Evt2NfYgPh49+GPz+A152plXm90s=;
    From: REMOVED
    Subject: Fw: new message
    Date: Sat, 7 Nov 2015 22:24:01 -0800
    Message-ID: <[email protected]>
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    X-Mailer: Microsoft Outlook 15.0
    Thread-Index: AdEmDynrtB1rOLeCMrdN6se3es3s6A==
    Content-Language: en-us
    X-Antivirus: avast! (VPS 151107-0, 11/07/2015), Outbound message
    X-Antivirus-Status: Clean
    X-Spam-Rating: 1.6.2 0/1000/N
    X-Antivirus: AVG for E-mail 2016.0.7227 [4457/10966]
    X-AVG-ID: ID3A8231C2-5D0BD32A
      My Computer

  7. lx07's Avatar
    Posts : 5,479
       #17 isn't you presumably.
      My Computer

  8. Be4stElectrjc's Avatar
    Posts : 155
    Windows 10
    Thread Starter

    I have seen a mail sent by mine. There are internal and external ip address of my network. WIN-NPPN1JPV75J is the sender, a botnet, there's a page about it on google.
      My Computer

  9. lx07's Avatar
    Posts : 5,479

    If you mean this Google Groups I just saw it.

    There are others like this Orario posta in arrivo sbagliato asking why the spam filters are not picking it up (I don't understand much Italian though).

    Gmail should filter mail like this - I see things in Spam now I look. Was it the contacts with the non-gmail accounts that were complaining? (Well done for removing them btw).
      My Computer

  10. Be4stElectrjc's Avatar
    Posts : 155
    Windows 10
    Thread Starter

    I have @ngi, not @gmail. The page i am talking about is this.

    New Threat: The WIN-NPPN1JPV75J Botnet
    Last edited by Be4stElectrjc; 10 Nov 2015 at 02:10.
      My Computer

Page 2 of 3 FirstFirst 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 05:41.
Find Us

Windows 10 Forums